Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/36ON7UJf6RKUVtPkHxjJbIPu6wI.roa
File: 36ON7UJf6RKUVtPkHxjJbIPu6wI.roa (raw, json)
Hash identifier: avWtErCBxgMuS2W52KAD2WqaiRKt44F6kD+P9GJZHVc=
Subject key identifier: DF:A3:8D:ED:42:5F:E9:12:94:56:D3:E4:1F:18:C9:6C:83:EE:EB:02
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01994862253188D0177784AF0A2EE28B1DA0
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/36ON7UJf6RKUVtPkHxjJbIPu6wI.roa
Signing time: Sun 14 Sep 2025 13:20:15 +0000
ROA not before: Sun 14 Sep 2025 13:20:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 195.216.162.0/24 maxlen: 24
195.216.163.0/24 maxlen: 24
195.216.172.0/24 maxlen: 24
195.216.173.0/24 maxlen: 24
195.216.174.0/24 maxlen: 24
195.216.175.0/24 maxlen: 24
195.216.191.0/24 maxlen: 24
213.182.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:48:62:25:31:88:d0:17:77:84:af:0a:2e:e2:8b:1d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 14 13:20:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfa38ded425fe9129456d3e41f18c96c83eeeb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:03:22:89:c9:fd:d7:ed:d0:6b:4e:75:bc:86:
7d:87:c3:9f:a8:ca:7f:47:b1:35:53:9b:67:9f:c5:
3a:f3:96:4c:a4:c0:80:33:66:98:d2:f4:0a:d8:95:
4f:a3:e4:50:94:aa:14:7e:43:ba:73:03:8e:5a:03:
e5:5e:2c:5e:b1:1c:36:61:cb:48:e7:02:11:97:66:
c4:96:06:19:6c:4d:99:0f:29:25:8d:33:cf:b8:bc:
5e:c1:66:e6:2a:f9:d0:03:1a:31:cf:5b:3f:70:ba:
78:1c:ef:98:da:a1:f6:30:5e:61:81:2d:3a:4b:61:
fe:7b:b4:ba:89:01:34:f5:83:ca:e2:8a:73:c1:41:
aa:32:a4:85:c7:f5:9e:ac:17:da:2b:8b:eb:db:23:
60:e5:47:df:e4:43:77:a9:56:98:16:72:7a:0f:d2:
88:b3:cb:a2:62:b3:1a:d8:0a:a0:cf:36:b4:12:65:
40:7a:11:3a:5c:6a:3b:83:3e:43:dc:54:fb:d3:a2:
1b:97:88:9c:1b:b4:a8:bd:69:65:51:c4:8a:21:95:
71:22:f0:ad:6f:42:d1:c4:de:e2:01:9b:bd:66:be:
82:58:32:ca:ce:c8:87:ff:0c:e5:e0:40:d3:e9:32:
79:55:5a:98:30:3d:50:d6:1a:89:1f:bb:3f:01:72:
73:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A3:8D:ED:42:5F:E9:12:94:56:D3:E4:1F:18:C9:6C:83:EE:EB:02
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/36ON7UJf6RKUVtPkHxjJbIPu6wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.172.0/22
195.216.191.0/24
213.182.192.0/24
Signature Algorithm: sha256WithRSAEncryption
35:cc:0b:5d:7d:29:34:40:76:2f:2a:91:9c:7d:ba:9b:b7:c2:
6e:be:06:a9:1d:e8:ba:84:f9:32:92:4b:62:fe:52:69:ec:aa:
1d:b0:44:cb:45:5e:bd:43:90:8a:1f:33:6b:49:e9:a8:e0:23:
cf:ff:3c:51:42:c0:b3:1e:58:ba:f4:b5:46:71:84:b9:3c:9d:
ff:ab:7a:41:2e:72:80:20:a2:30:12:0c:ac:43:13:84:c6:f0:
8d:50:87:51:62:60:01:6f:38:f6:75:b6:1f:04:5e:fb:40:e9:
95:48:64:7f:c7:51:9f:12:ea:3d:2d:86:e7:2b:8d:5f:34:a6:
b3:b4:a5:b6:fd:18:02:ef:67:44:8b:0b:3f:3d:29:ac:50:c1:
01:7b:05:e3:44:1a:e3:0f:a6:3e:63:65:b0:d3:f8:8d:a3:cc:
02:f9:75:3d:9a:fe:b7:1c:b5:4d:03:8a:d9:d2:cf:e9:f5:a0:
21:66:fb:53:5b:70:e7:85:c6:68:ea:ca:8b:f5:5b:d3:ab:56:
fe:5d:26:ad:cf:c3:ac:2f:b5:c1:b2:b3:28:c9:e9:d4:0d:58:
53:45:b3:7a:07:7e:58:35:c2:ec:79:63:ab:c8:e9:e6:65:df:
f7:fa:13:aa:71:4c:db:78:f1:23:ed:4a:1d:e2:27:fe:4c:ca:
39:ff:0a:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlIYiUxiNAXd4SvCi7iix2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwOTE0MTMyMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEzOGRlZDQyNWZlOTEyOTQ1NmQzZTQxZjE4Yzk2YzgzZWVlYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gMiicn91+3Qa051vIZ9h8OfqMp/
R7E1U5tnn8U685ZMpMCAM2aY0vQK2JVPo+RQlKoUfkO6cwOOWgPlXixesRw2YctI
5wIRl2bElgYZbE2ZDykljTPPuLxewWbmKvnQAxoxz1s/cLp4HO+Y2qH2MF5hgS06
S2H+e7S6iQE09YPK4opzwUGqMqSFx/WerBfaK4vr2yNg5Uff5EN3qVaYFnJ6D9KI
s8uiYrMa2Aqgzza0EmVAehE6XGo7gz5D3FT706Ibl4icG7SovWllUcSKIZVxIvCt
b0LRxN7iAZu9Zr6CWDLKzsiH/wzl4EDT6TJ5VVqYMD1Q1hqJH7s/AXJzoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN+jje1CX+kSlFbT5B8YyWyD7usCMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMzZPTjdVSmY2UktVVnRQa0h4akpiSVB1NndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBw9iiAwQC
w9isAwQAw9i/AwQA1bbAMA0GCSqGSIb3DQEBCwUAA4IBAQA1zAtdfSk0QHYvKpGc
fbqbt8JuvgapHei6hPkykkti/lJp7KodsETLRV69Q5CKHzNrSemo4CPP/zxRQsCz
Hli69LVGcYS5PJ3/q3pBLnKAIKIwEgysQxOExvCNUIdRYmABbzj2dbYfBF77QOmV
SGR/x1GfEuo9LYbnK41fNKaztKW2/RgC72dEiws/PSmsUMEBewXjRBrjD6Y+Y2Ww
0/iNo8wC+XU9mv63HLVNA4rZ0s/p9aAhZvtTW3DnhcZo6sqL9VvTq1b+XSatz8Os
L7XBsrMoyenUDVhTRbN6B35YNcLseWOryOnmZd/3+hOqcUzbePEj7Uod4if+TMo5
/wpQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:30 2025 by rpki-client